Send &amp;quot;WWW-Authenticate: Negotiate&amp;quot; on first RAP requesthttps://www.eclipse.org/forums/index.php/mv/msg/623184/1214145/#msg_1214145
we need to send the error code 401 (unauthorized) to the browser with
WWW-Authenticate: Negotiate" in the header on first RAP request. We do
this in a servlet filter using the extension point. Now our problem is,
that we need to do this on every single new browser tab and on reload.

Our problem is, that we can not find a clue in the HttpServletRequest
that indicates, if this is the first request we can send the 401 for.

Using servRequest.getSession() gives us NULL on first call, but not for
every new tab or reload. Same with cookie JSESSIONID. We also looked
into the RWTServlet to get some hints and tried to use the connection ID
with request.getParameter("cid"). But this returns NULL also during
normal work in the application, so sending 401 would crash the app.

Any hints would help...

Regrads,
Markus]]>2013-11-27T15:06:37-00:00Re: Send &amp;quot;WWW-Authenticate: Negotiate&amp;quot; on first RAP requesthttps://www.eclipse.org/forums/index.php/mv/msg/623184/1216654/#msg_1216654
the first request is always the GET request to the entrypoint URL that
fetches the index.html. All subsequent requests to this URL are either

* POST requests that send some application/json content to the server

or

* requests to a servicehandler,
those include the request parameter "servicehandler"

Static resources are fetched from /rwt-resources, not the entrypoint URL.

Professional services for RAP and RCP?http://eclipsesource.com/services/rap/]]>Ralf Sternberg2013-11-28T15:24:09-00:00Re: Send &amp;quot;WWW-Authenticate: Negotiate&amp;quot; on first RAP requesthttps://www.eclipse.org/forums/index.php/mv/msg/623184/1217226/#msg_1217226
that was a great tip and it works now except that we get some JSON parse
exception occasionally (see below).

I attached the filter as we cannot figure out why there is a problem
parsing json :-(

Thanks,
Markus

]
[28.11.13 21:37:30:112 CET] 0000002a webapp E
com.ibm.ws.webcontainer.webapp.WebApp logServletError SRVE0293E:
[Servlet Error]-[equinoxbridgeservlet]:
org.eclipse.rap.json.ParseException: Unexpected end of input at 1:0
at org.eclipse.rap.json.JsonParser.error(JsonParser.java:316)
at org.eclipse.rap.json.JsonParser.expected(JsonParser.java:310)
at org.eclipse.rap.json.JsonParser.readValue(JsonParser.java:74)
at org.eclipse.rap.json.JsonParser.parse(JsonParser.java:33)
at org.eclipse.rap.json.JsonValue.readFrom(JsonValue.java:88)
at org.eclipse.rap.json.JsonObject.readFrom(JsonObject.java:99)
at
org.eclipse.rap.rwt.internal.protocol.ProtocolUtil.getClientMessage(ProtocolUtil.java:66)
at
org.eclipse.rap.rwt.internal.service.LifeCycleServiceHandler.isSessionShutdown(LifeCycleServiceHandler.java:239)
at
org.eclipse.rap.rwt.internal.service.LifeCycleServiceHandler.synchronizedService(LifeCycleServiceHandler.java:77)
at
org.eclipse.rap.rwt.internal.service.LifeCycleServiceHandler.service(LifeCycleServiceHandler.java:66)
at
org.eclipse.rap.rwt.engine.RWTServlet.handleValidRequest(RWTServlet.java:119)
at
org.eclipse.rap.rwt.engine.RWTServlet.handleRequest(RWTServlet.java:106)
at org.eclipse.rap.rwt.engine.RWTServlet.doPost(RWTServlet.java:99)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
at
org.eclipse.rap.rwt.osgi.internal.CutOffContextPathWrapper.service(CutOffContextPathWrapper.java:106)
at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at
org.eclipse.equinox.http.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:38)
at
de.cenit.ecliso.ui.auth.internal.SingleSignOnFilter.doFilter(SingleSignOnFilter.java:86)
at
org.eclipse.equinox.http.registry.internal.FilterManager$FilterWrapper.doFilter(FilterManager.java:173)
at
org.eclipse.equinox.http.servlet.internal.FilterRegistration.doFilter(FilterRegistration.java:81)
at
org.eclipse.equinox.http.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:35)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:132)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
at
org.eclipse.equinox.servletbridge.BridgeServlet.service(BridgeServlet.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1214)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:774)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:456)
at
com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:178)
at
com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1027)
at
com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:87)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:895)
at
com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1662)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:195)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
at
com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at
com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at
com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
at
com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1659)

Am 28.11.2013 16:24, schrieb Ralf Sternberg:
> Hi Markus,
>
> the first request is always the GET request to the entrypoint URL that
> fetches the index.html. All subsequent requests to this URL are either
>
> * POST requests that send some application/json content to the server
>
> or
>
> * requests to a servicehandler,
> those include the request parameter "servicehandler"
>
> Static resources are fetched from /rwt-resources, not the entrypoint URL.
>
> Does this help?
>
> Best regards,
> Ralf
>

/**
* A filter to set the negotiation header to begin the negotiation between
* browser and server. If the browser responds with a negotiation token, it will
* be stored like cookie, in the current request for further processing.
*/
public class SingleSignOnFilter implements Filter {